Description
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination.
Published: 2025-05-12
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service – unexpected system termination
Action: Patch
AI Analysis

Impact

A memory corruption flaw, classified as CWE-119, was discovered in Apple’s operating systems. The vulnerability stems from improper state management and can be triggered by an application. When exploited, it leads to uncontrolled crashes or unexpected termination of the operating system, effectively denying service to legitimate users. No elevation or data‑exfiltration capabilities were reported in the CVE description, so the primary concern is loss of availability rather than confidentiality or integrity.

Affected Systems

Apple iOS 18.3, iPadOS 18.3 and 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, and watchOS 11.3 are all mentioned as affected. Devices running any of these OS versions should be evaluated for exposure.

Risk and Exploitability

The CVSS base score of 5.5 indicates a medium severity vulnerability, while the EPSS score of less than 1% suggests that exploitation is currently unlikely to be widespread. The vulnerability is not listed in the CISA KEV catalog. The attack vector is not explicitly described in the official advisory, but it is inferred that an app could invoke the flaw, potentially requiring local user execution or privileged app privileges. Because the exploit terminates or crashes the system, it primarily impacts availability rather than providing access to data.

Generated by OpenCVE AI on April 28, 2026 at 01:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest OS updates: upgrade iOS to 18.3, iPadOS to 18.3 or 17.7.7, macOS to Sequoia 15.3, Sonoma 14.7.5 or Ventura 13.7.5, tvOS to 18.3, visionOS to 2.3, and watchOS to 11.3.
  • If a device cannot be updated immediately, isolate it from critical operations or restrict the installation of untrusted applications until the update is applied.
  • Monitor for incidents of unexpected shutdown or crash and report any such events to Apple immediately.

Generated by OpenCVE AI on April 28, 2026 at 01:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-14633 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
History

Tue, 28 Apr 2026 02:00:00 +0000

Type Values Removed Values Added
Title Memory Corruption Leading to Unexpected System Termination Across Apple Operating Systems

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination. A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination.

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 27 May 2025 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos
Apple watchos
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple tvos
Apple visionos
Apple watchos

Wed, 14 May 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Tue, 13 May 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 May 2025 21:45:00 +0000

Type Values Removed Values Added
Description A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
References

Subscriptions

Apple Ipados Iphone Os Macos Tvos Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:24:50.642Z

Reserved: 2025-01-17T00:00:44.969Z

Link: CVE-2025-24111

cve-icon Vulnrichment

Updated: 2025-11-03T19:43:12.187Z

cve-icon NVD

Status : Modified

Published: 2025-05-12T22:15:19.643

Modified: 2026-04-02T19:19:00.920

Link: CVE-2025-24111

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:45:18Z

Weaknesses